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AMENDMENTS TO THE CLAIMS 

1 . (Currently Amended) A method for encrypting data, the method comprising: 
providing a first data processing systerrvfef-. 
g o n o rat i ng a s e ssion key; 

encrypt i ng tho data util i z i ng tho session koy us i ng a symmotr i c encrypt i on 
rout i ne; 

e ncrypt i ng th e s e ssion key ut i l i z i ng a us e r public k o y us i ng a f i rst 
asymm e tr i c e ncryption rout i n e ; 

encrypt i ng th e sess i on key ut i lizing a mast e r publ i c key using a second 
a symm e tric encrypt i on rout i n e ; 

gon o r a t i ng a data pack e t i nclud i ng th e o ncrypt o d data, th o e ncrypt e d 
s e ssion koy ut i l i z i ng th e us o r pub l ic k e y and th o e ncrypt e d session koy utiliz i ng 
tho master public key; 

transmitting th e data pack e t to a dest i nat i on dat a proc e ss i ng syst e m; 

d e crypting th e data pack e t uti li zing th e s e ss i on koy us i ng th o symmotr i c 
encrypt i on routin e ; 

decrypt i ng th e sess i on k e y ut ili z i ng a us e r pr i vate key us i ng th e f i rst 
a symm e tr i c e ncrypt i on rout i n e ; and 

d e crypt i ng th e e ncrypt e d s e ss i on k e y ut ili z i ng a mast e r pr i vat e k e y using 
th e s e cond asymm e tric e ncryption rout i n e . providinq a second data processing 
system including program instructions to generate a session key, to decrypt 
original data using the session key, to encrypt the session key with a first user's 
public key, to encrypt the session key with a master public key, to generate a 
data packet including a plurality of encrypted session keys and encrypted data, 
and to transmit the data packet to the first data processing system; 
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generating and transmitting the data packet to another data processing 
system instead of or in addition to the first data processing system using the first 
user's public key, the session key, a new session key and the master public key; 
and 

the first data processing system receiving the data packet and including 
program instructions to decrypt one of the encrypted session keys with a private 
key of the first user, and to decrypt the encrypted data with the session key to re- 
create the original data. 

2. (Cancelled). 

3. (Cancelled). 

4. (Cancelled). 

5. (Cancelled). 

6. (Cancelled). 

7. (Currently Amended) The method, as set forth in claim 1 , further comprising 
storing s the user's private key on a data storage medium coupled to the 
destination data processing system. 

8. (Previously Presented) The method, as set forth in claim 1 , further comprising 
storing the master private key on a data storage medium coupled to the 
destination data processing system. 
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9. (Previously Presented) The method, as set forth in claim 7, further comprising 
retrieving the user's private key from a smart card utilizing a smart card reader 
coupled to the destination data processing system. 

10. (Previously Presented) The method, as set forth in claim 1 , further comprising 
retrieving the master private key from a smart card utilizing a smart card reader 
coupled to the destination data processing system. 

1 1 . (Original) The method, as set forth in claim 1 , further comprising utilizing a 
plurality of public master keys and a plurality of private master keys to decrypt 
the encrypted session key. 

12. (Currently Amended) A method for encrypting data public key data e ncrypt i on 
syst e m wh e r e in e ach us o r has a pr i vat e key and a c e rt i f i cat e conta i ning data 
p e rtaining to th o us o r i nclud i ng th e us e r's public k o y, th o encrypt i on syst e m 
comprising: a master pub li c key; c 

providing a first data processing system op e rab le to g e n e r a t e a s e ss i on 
k e y, to e ncrypt data using th e s e ss i on k e y using a symm e tric e ncryption rout i n e , 
to e ncrypt th e s e ss i on k e y w i th th e us e r's pub l ic k e y using a first asymm e tr i c 
e ncrypt i on rout i n e , to e ncrypt the s e ssion k e y with th e mast e r publ i c key using a 
s e cond asymm e tr i c e ncrypt i on routine, to generate a data pack e t inc l ud i ng th e 
e ncrypt e d s e ss i on k e ys and th e e ncrypt e d data, and to transm i t th e dat a packet 
to a s e cond data process i ng syst e m ; 

providing a fee-second data processing system including program 
instructions to generate a session key, to decrypt original data using the session 
key, to encrypt the session key with a first user's public key, to encrypt the 
session key with a master public key, to generate a data packet including a 
plurality of encrypted session keys and encrypted data, and to transmit the data 
packet to the first data processing system; op e rab le to: 
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d e crypt th e data pack e t uti li z i ng th o session key using th e symm e tric 
e ncrypt i on rout i n e ; 

d e crypt th e s e ssion k e y ut ili zing a us e r pr i vat e k e y using the first 
asymm e tric e ncrypt i on rout i n e ; and 

d e crypt th o e ncrypted session key util i z i ng a mast e r pr i vat e k o y using the 
s e cond asymmetr i c e ncryption rout i n e . 

generating and transmitting the data packet to another data processing 
system instead of or in addition to the first data processing system using the first 
user's public key, the session key, a new session key and the master public key; 

the first data processing system receiving the data packet and including 
program instructions to decrypt one of the encrypted session keys with a private 
key of the first user, and to decrypt the encrypted data with the session key to re- 
create the original data; and 

the master public key and a master private key allowing another user to 
gain access to encrypted data, the other user executing program instructions on 
the first data processing system to decrypt the one encrypted session key using 
the master private key, and to decrypt the encrypted data with the session key to 
re-create the original data. 

13. (Cancelled). 

14. (Cancelled). 

15. (Cancelled). 

16. (Cancelled). 

17. (Cancelled). 
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1 8. (Currently Amended) The pub l ic k o v data encrypt i on syst e m, method as set 
forth in claim 12, wherein the user's private key is stored on a data storage 
medium coupled to the second data processing system. 

19. (Currently Amended) The pub l ic k o v data e ncrypt i on svst o m, method as set 
forth in claim 12, wherein the master private key is stored on a data storage 
medium coupled to the second data processing system. 

20. (Currently Amended) The pub l ic k o v dat a e ncryption syst e m, method as set 
forth in claim 12, further comprising a smart card reader coupled to the second 
data processing system and operable to retrieve the user's private key from a 
smart card. 

21 . (Currently Amended) The publ i c k e y data e ncrypt i on syst e m, method as set 
forth in claim 12, further comprising a smart card reader coupled to the second 
data processing system and operable to retrieve the master private key from a 
smart card. 

22. (Currently Amended) The pub l ic k e y data e ncryption syst e m, method as set 
forth in claim 12, further comprising: 

a plurality of master private keys; and 
a plurality of master public keys. 

23. (Cancelled). 

24. (Cancelled). 

25. (Cancelled). 
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26. (Cancelled). 

27. (Cancelled). 

28. (Cancelled). 

29. (Cancelled). 



PATENT 

Docket Number: 16356.722 (DC-01753) 
Customer No. 000027683 



9 



